Which Cards Fall Under The Scope Of PCI DSS?

Being compliant with PCI DSS is a must for any commercial operation if it wants to handle card payments. That is, for any operation functioning within the bounds of the law, anyway. And because the standard applies to data security in general, this is the case whether the transactions are made in person, digitally, or even over the phone.

In any business’s effort to adhere to these standards, it’s good to be aware of card types that fall under PCI DSS. The short answer is that there are relatively few major networks that provide credit, debit, and prepaid cards, but that together these account for a large number of the payment methods you’ll see. Here, we’ll give a brief overview of the five networks covered by PCI DSS as participants in the PCI Security Standards Council (PCI SSC).

Visa International


An undisputed leader when it comes to processing payments, the California-based behemoth processed a total volume of $12.5 trillion between the summers of 2020 and 2021. The size and ubiquity of VisaNet is part of its appeal, and is used in all its products. The prepaid cards that use their Visa Readylink services for quick top-ups, such as the Starbucks® Rewards Visa® Prepaid Card, are certainly popular as well; they’re widely useful and have low fees compared to other prepaid cards. Forbes has been critical of these cards’ value propositions, but by and large prepaid and conventional Visa options alike are favored by countless consumers.

American Express


A company with quite the venerable history stretching back to the mid-19th century, AmEx is among the most popular providers for consumer cards as well. One reason for this is the variety of rewards cards it supports, such as the Delta SkyMiles® Gold Card or the well-regarded Hilton Honors Aspire Card. It’s also known for cards with popular perks, with AskMoney having noted in a past article that American Express supports more than one of the best rewards cards out there — namely, their own branded Gold and Platinum offerings.

JCB


Cards operating on the Japan Credit Bureau network are ubiquitous in East Asia, but have a worldwide presence as well. JCB has made many global partnerships such as with Santander in Spain and Discover in the USA, meaning that anywhere Discover cards are accepted, these should work, too.

Discover


Discover isn’t accepted as widely as some of the bigger players on this list. For instance, one notable exclusion is at Costco, which actually made an exclusive deal with Visa. But the good news is that like the others, compliance with PCI DSS means you have the ability to accept Discover card payments –– which are still quite popular –– knowing that you’ve met security standards to do so.

MasterCard


The smaller of the two dominant players, MasterCard tends to come across essentially as the direct counterpart to Visa. You may in act wonder if there are any meaningful differences between how the two operate. In many respects, the answer is no, as MarketWatch has more or less explained before. At the level of consumer services, there’s a slight difference in terms of fee structure. But the only other notable difference comes in some of the specific brand tie-ins. For instance, while Visa Signature Cards have discounts on golf experiences through Troon Rewards®, its counterpart, the World Mastercard, has partnered with PGA Tour®.

Other card companies such as Capital One will vary in terms of data security standards, and you’ll have to refer to their own documentation on the subject. But the five companies above and the countless cards they support will all work smoothly for you under PCI DSS. We hope this has been helpful, and don’t hesitate to return to PCI DSS Guide if you need further clarification on this or related topics.

Surkay Baykara
Surkay Baykarahttps://www.pcidssguide.com
A passionate Senior Information Security Consultant working at Cyberwise. Over the past 15+ years my professional career has included several positions beginning as a developer and IT administrator, working my way up to a senior Technical Performance Consultant before joining Biznet back in 2015. I had several different roles at Cyberwise, including Penetration Tester and PCI DSS QSA. In my job as a QSA, I found my passion and worked closely with the Audit and Compliance team. I've been working inside InfoSec for over 15 years, coming from a highly technical background. I have earned several certifications during my professional career including; CEH, CISA, CISSP, and PCI QSA.

More from author

What’s New in PCI DSS v4.0?

PCI DSS v4.0 replaces PCI DSS version 3.2.1 to address emerging threats and technologies better and provide innovative ways to combat new threats.

Firewall Rule Configuration Best Practices

When it comes to securing firewall rules, firewalls have a sensible procedure to follow. Whether you're upgrading hardware or establishing a whole new environment, the order of the procedures will differ.

Advantages of Using a Credit Card Vault for PCI

A credit card vault is a tool or tool that securely stores customer credit card numbers. In most cases where you use a credit card vault when you accept a card number from a customer, sensitive data does not enter your device, computer, or network.

Related posts

Latest posts

What’s New in PCI DSS v4.0?

PCI DSS v4.0 replaces PCI DSS version 3.2.1 to address emerging threats and technologies better and provide innovative ways to combat new threats.

Firewall Rule Configuration Best Practices

When it comes to securing firewall rules, firewalls have a sensible procedure to follow. Whether you're upgrading hardware or establishing a whole new environment, the order of the procedures will differ.

Advantages of Using a Credit Card Vault for PCI

A credit card vault is a tool or tool that securely stores customer credit card numbers. In most cases where you use a credit card vault when you accept a card number from a customer, sensitive data does not enter your device, computer, or network.

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!